215 lines
8.6 KiB
JSON
215 lines
8.6 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20161196",
|
|
"Version": "oval:org.altlinux.errata:def:20161196",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2016-1196: package `samba-DC` update to version 4.3.6-alt1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch p9"
|
|
],
|
|
"Products": [
|
|
"ALT Server",
|
|
"ALT Virtualization Server",
|
|
"ALT Workstation",
|
|
"ALT Workstation K",
|
|
"ALT Education",
|
|
"Simply Linux",
|
|
"Starterkit"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2016-1196",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2016-1196",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-00900",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-00900",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-00902",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-00902",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2015-7560",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-7560",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-0771",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0771",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades samba-DC to version 4.3.6-alt1. \nSecurity Fix(es):\n\n * BDU:2016-00900: Уязвимость файловой системы Samba, позволяющая нарушителю получить конфиденциальную информацию или вызвать отказ в обслуживании\n\n * BDU:2016-00902: Уязвимость файловой системы Samba, позволяющая нарушителю изменять произвольные списки управления доступом\n\n * CVE-2015-7560: The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.\n\n * CVE-2016-0771: The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "Low",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2016-03-09"
|
|
},
|
|
"Updated": {
|
|
"Date": "2016-03-09"
|
|
},
|
|
"BDUs": [
|
|
{
|
|
"ID": "BDU:2016-00900",
|
|
"CVSS": "AV:N/AC:M/Au:S/C:P/I:N/A:P",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-00900",
|
|
"Impact": "Low",
|
|
"Public": "20160314"
|
|
},
|
|
{
|
|
"ID": "BDU:2016-00902",
|
|
"CVSS": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
|
|
"CWE": "CWE-284",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-00902",
|
|
"Impact": "Low",
|
|
"Public": "20160314"
|
|
}
|
|
],
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2015-7560",
|
|
"CVSS": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
|
"CWE": "CWE-284",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-7560",
|
|
"Impact": "Low",
|
|
"Public": "20160313"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-0771",
|
|
"CVSS": "AV:N/AC:M/Au:S/C:P/I:N/A:P",
|
|
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0771",
|
|
"Impact": "Low",
|
|
"Public": "20160313"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:kworkstation:9",
|
|
"cpe:/o:alt:workstation:9",
|
|
"cpe:/o:alt:server:9",
|
|
"cpe:/o:alt:server-v:9",
|
|
"cpe:/o:alt:education:9",
|
|
"cpe:/o:alt:slinux:9",
|
|
"cpe:/o:alt:starterkit:p9",
|
|
"cpe:/o:alt:kworkstation:9.1",
|
|
"cpe:/o:alt:workstation:9.1",
|
|
"cpe:/o:alt:server:9.1",
|
|
"cpe:/o:alt:server-v:9.1",
|
|
"cpe:/o:alt:education:9.1",
|
|
"cpe:/o:alt:slinux:9.1",
|
|
"cpe:/o:alt:starterkit:9.1",
|
|
"cpe:/o:alt:kworkstation:9.2",
|
|
"cpe:/o:alt:workstation:9.2",
|
|
"cpe:/o:alt:server:9.2",
|
|
"cpe:/o:alt:server-v:9.2",
|
|
"cpe:/o:alt:education:9.2",
|
|
"cpe:/o:alt:slinux:9.2",
|
|
"cpe:/o:alt:starterkit:9.2"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:1001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196001",
|
|
"Comment": "python-module-samba-DC is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196002",
|
|
"Comment": "samba-DC is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196003",
|
|
"Comment": "samba-DC-client is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196004",
|
|
"Comment": "samba-DC-common is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196005",
|
|
"Comment": "samba-DC-ctdb is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196006",
|
|
"Comment": "samba-DC-ctdb-devel is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196007",
|
|
"Comment": "samba-DC-ctdb-tests is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196008",
|
|
"Comment": "samba-DC-devel is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196009",
|
|
"Comment": "samba-DC-doc is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196010",
|
|
"Comment": "samba-DC-libs is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196011",
|
|
"Comment": "samba-DC-pidl is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196012",
|
|
"Comment": "samba-DC-test is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196013",
|
|
"Comment": "samba-DC-test-devel is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196014",
|
|
"Comment": "samba-DC-winbind is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196015",
|
|
"Comment": "samba-DC-winbind-clients is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196016",
|
|
"Comment": "samba-DC-winbind-krb5-locator is earlier than 0:4.3.6-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20161196017",
|
|
"Comment": "task-samba-dc is earlier than 0:4.3.6-alt1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |